One last question on this php script:D

Fiveohhh

Diamond Member
Jan 18, 2002
3,776
0
0
Hopefully this will be my last question on this script. How do I get it to verify the username is valid? It does it now, but if I have a valid username and an invalid PW I still get an invalid username error. I thought in line 8 I was grabbing the name column, and if a name doesn't match, get an invalid username msg and then exit.

Hopefully this will be the last question I have on this thing:D

you can check it out here
http://www.kx9.net/login.php
the pw/un in the DB are
un:wer
pw:wer






<?php

$conn = mysql_connect("localhost", "xxxxxx", "xxxxxx");
mysql_select_db("xxxxxxx_login", $conn);
$uname = $_POST['name'];
$upass = $_POST['password'];
if (!empty($uname) && !empty($upass)) {
    $sql1 = "select name from logins";
    $unamecheck = mysql_query($sql1) or die (mysql_error());
    if ($unamecheck != $uname){
        echo "Invalid username";
        exit;}
    $sql = "select name, password from logins where name = '$uname'";
    $result = mysql_query($sql) or die (mysql_error());
    extract(mysql_fetch_assoc($result));
    if ($password == $_POST["password"]) {
        header ("Location: http://www.jza2000.com/");
    } else {
        echo "You entered an invalid password, please double check and try again";
    }}
elseif (empty($uname) or empty($upass)) {
    echo "You left a field blank.";
}
?>
 

CTho9305

Elite Member
Jul 26, 2000
9,214
1
81
Uh... first, your "select name from logins" should really be "select name from logins where name = '$uname'". After you set $result, do a check on mysql_num_rows to make sure that you get exactly 0 or 1 results. If you get more, you have a problem. If you get none, then throw the invalid username error. If you get one, then compare the passwords. There is no reason to do 2 SQL selects.

Second, you need to store encrypted passwords if you want even a tiny bit of security. You should also really not tell the visitor that they entered a valid username but invalid password if you want even more security.

edit: Here's a login function I wrote a while back:
function doLogin($username, $password) //password should actually be the md5() of the string from the user
{
    if(makeConnection() == true){ //makeConnection() establishes a connection to my database
        $logged_in = false;
        $sql = "SELECT ID FROM t_user WHERE username='$username' AND password='$password'";
        $res = mysql_query($sql) or die(mysql_error());
        $numrows = mysql_num_rows($res);
        if($numrows == 1)
        {
            $logged_in = true;
            $_SESSION['loggedin'] = $logged_in;
            $myrow = mysql_fetch_array($res);
            $_SESSION['user_ID'] = $myrow['ID'];
            $_SESSION['username'] = $username;
        } else{ // this catches the case where there were no results OR multiple results (the latter is actually a sign of a serious problem, but we don't need to worry about that for a general case ;))
            $logged_in = false;
        }
        return $logged_in;
    }
    die ("db error"); //we should have returned already.
    return false; // only if db connection fails. We should never get here anyway.
}
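
The advice in the reply above (one query, a row-count check, one failure message that does not say which field was wrong, and no plaintext passwords) put together as an added example; it is not code from either poster. It assumes PHP 5.5+ with the pdo_sqlite extension, uses an in-memory SQLite table in place of the thread's MySQL database, swaps in PDO bound parameters and password_hash()/password_verify() for the mysql_* calls and md5() mentioned in the thread, and the account `alice` and the function name `checkLogin` are constructed for illustration.

```php
<?php
// Added example: constructed table and account, in-memory SQLite so it runs offline.
// Assumes PHP >= 5.5 with pdo_sqlite; table and column names follow the thread.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE logins (name TEXT PRIMARY KEY, password TEXT NOT NULL)');

// Store a salted hash, never the password itself (constructed sample account).
$ins = $db->prepare('INSERT INTO logins (name, password) VALUES (?, ?)');
$ins->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT)]);

// Verified when the username is unknown, so both failure paths do similar work.
define('DUMMY_HASH', password_hash('placeholder', PASSWORD_DEFAULT));

function checkLogin(PDO $db, $name, $pass)
{
    if (!is_string($name) || !is_string($pass) || $name === '' || $pass === '') {
        return false;
    }
    // One query; the bound parameter keeps user input out of the SQL text.
    $stmt = $db->prepare('SELECT password FROM logins WHERE name = ?');
    $stmt->execute([$name]);
    $rows = $stmt->fetchAll(PDO::FETCH_COLUMN);

    // Exactly one row is the only acceptable result; zero or several both fail.
    $found = (count($rows) === 1);
    $ok = password_verify($pass, $found ? $rows[0] : DUMMY_HASH);
    return $found && $ok;
}

// Constructed inputs covering each path through checkLogin().
$attempts = [
    ['alice', 'correct horse'],   // valid name and password
    ['alice', 'wrong'],           // valid name, bad password
    ['nobody', 'correct horse'],  // unknown name
    ["o'brien", 'x'],             // quote in the name is handled as plain data
];
foreach ($attempts as $a) {
    list($n, $p) = $a;
    // Same message for every failure: it does not reveal which field was wrong.
    $msg = checkLogin($db, $n, $p) ? 'logged in' : 'Invalid username or password';
    echo $n, ': ', $msg, "\n";
}
```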
 

Fiveohhh

Thanks, I'll try it out. Planning on encrypting them eventually, but just trying to get the functionality of it going.